dsig v1.2.1

DSIG

Digital Signature with OpenPGP in JavaScript

About

DSIG (Digital Signature) is a JavaScript Application Programming Interface (API) and Command-Line Interface (CLI) for generating an OpenPGP public/private key pair, calculating the fingerprint of the public/private key, signing a payload with the private key and verifying the payload afterwards with the public key and the fingerprint. It is especially intended to sign application license files and application distribution archive files.

The crux of DSIG is:

1. It is based on OpenPGP.js, and as a consequence, it is a plain JavaScript solution which does not require an installed GnuPG and its native gpg command and works in both Node.js and the Browser.

2. The private key, public key, fingerprint and signature use a fully valid OpenPGP format and hence they could even be used with GnuPG, although the DSIG signature is a clear-signed OpenPGP message carrying both the SHA-512 digest of the payload and optional meta information.

Installation

$ npm install [-g] dsig

Example

See the Example section of the Unix manual page for an example how to prepare public/private key pair and fingerprint, and then sign and verify an application distribution archive or an application runtime license. A corresponding standalone Bourne shell script and equivalent Web page can be used for test-driving DSIG, too.

Usage

• Command-Line Interface: See Unix manual page.

• Application Programming Interface (API): See TypeScript API definition.

License

Copyright © 2015-2022 Dr. Ralf S. Engelschall Licensed under LGPL 3.0